package com.onluy.conf.shiro;


import com.alibaba.fastjson.JSON;
//import com.onluy.entity.sysmgr.SysUser;
//import com.onluy.servic.sysmgr.SysUserService;
import com.onluy.frameworkcloud.tools.utils.RedisUtil;
import net.sf.json.JSONObject;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

public class ShiroRealm extends AuthorizingRealm {

    protected Logger log =   LoggerFactory.getLogger(this.getClass());

    private  String salt;
    public String getSalt() {
        return salt;
    }
    public void setSalt(String salt) {
        this.salt = salt;
    }


    @Autowired(required=true)
    private RedisUtil redisUtil;


    //@Autowired(required=true)
    //private SysUserService sysUserService;



//    @Autowired(required=true)
//    private AuthUserRigthService authUserRigthService;
//
//
//    @Autowired(required=true)
//    private AuthRoleRigthService authRoleRigthService;



    //认证操作
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //从token中获取登录的用户名， 查询数据库返回用户信息
        log.warn("=================doGetAuthenticationInfo:"+token.toString());
        UsernamePasswordToken pwdtoken=(UsernamePasswordToken)token;
        String Web_Name= ""+pwdtoken.getUsername();
        String Web_Passwd= new String( pwdtoken.getPassword() );
        //SysUser entity =new SysUser();
        //entity.setWebName(Web_Name)   ;

        String password = new String((char[])pwdtoken.getCredentials()); //得到密码
        log.info("=================Web_Passwd getCredentials:"+password);

        Md5Hash hash = new Md5Hash(Web_Passwd, salt, 3);
        log.info("=================Web_Passwd hash:"+hash);

        //entity.setWebPasswd( hash.toString())   ;

        //log.info("=================condtion : "+ JSON.toJSONString(entity));
        //SysUser user=  sysUserService.model( entity);

        //if(user==null || (user!=null &&  Web_Name.equals(user.getWebName()) ==false )  ) {
        //    return null;
       // }

        //清楚导航缓存
        //redisUtil.set("sysindex_nav"+user.getUserId(), "");

        //log.info("=================userJson : "+ JSON.toJSONString(user));

        //SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(JSON.toJSONString(user), hash.toString(),
         //       ByteSource.Util.bytes(salt),
         //       getName());
        //return info;
        return null;
    }



    @Override
    public String getName() {
        return "ShiroRealm";
    }

    //授权操作
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

//        SysUser user =    JSON.parseObject(principals.getPrimaryPrincipal().toString(),SysUser.class)   ;
//        log.info("=================doGetAuthorizationInfo user : "+JSONObject.fromObject(user ));
//        List<String> permissions = new ArrayList<String>();
//        List<String> roles = new ArrayList<String>();
//        if("wujun".equals(user.getWebName())){
//            permissions.add("*");
//            roles.add("*");
//        }


//        log.info("---------------permissions:"+permissions.toString());
//        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        info.addStringPermissions(permissions);
//        info.addRoles(roles);
//        return info;
        return null;
    }

    //清除缓存
    public void clearCached() {
        //获取当前等的用户凭证，然后清除
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        super.clearCache(principals);
    }


}